السؤال #1

A DevOps engineer is designing an application that integrates with a legacy REST API. The application has an AWS Lambda function that reads records from an Amazon Kinesis data stream. The Lambda function sends the records to the legacy REST API. Approximately 10% of the records that the Lambda function sends from the Kinesis data stream have data errors and must be processed manually. The Lambda function event source configuration has an Amazon Simple Queue Service (Amazon SQS) dead-letter queue as an on-fa

A. Increase the retry attempts

B. Configure the setting to split the batch when an error occurs

C. Increase the concurrent batches per shard

D. Decrease the maximum age of record

عرض الإجابة

اجابة صحيحة: AC

السؤال #2

A media company has several thousand Amazon EC2 instances in an AWS account. The company is using Slack and a shared email inbox for team communications and important updates. A DevOps engineer needs to send all AWS-scheduled EC2 maintenance notifications to the Slack channel and the shared inbox. The solution must include the instances Name and Owner tags.Which solution will meet these requirements?

A. Integrate AWS Trusted Advisor with AWS Config

B. Use Amazon EventBridge to monitor for AWS Health events

C. Create an AWS Lambda function that sends EC2 maintenance notifications to the Slack channel and the shared inbox

D. Configure AWS Support integration with AWS CloudTrail

عرض الإجابة

اجابة صحيحة: B

السؤال #3

A company is running an application on Amazon EC2 instances in an Auto Scaling group. Recently, an issue occurred that prevented EC2 instances from launching successfully, and it took several hours for the support team to discover the issue. The support team wants to be notified by email whenever an EC2 instance does not start successfully.Which action will accomplish this?

A. Add a health check to the Auto Scaling group to invoke an AWS Lambda function whenever an instance status is impaired

B. Configure the Auto Scaling group to send a notification to an Amazon SNS topic whenever a failed instance launch occurs

C. Create an Amazon CloudWatch alarm that invokes an AWS Lambda function when a failed AttachInstances Auto Scaling API call is made

D. Create a status check alarm on Amazon EC2 to send a notification to an Amazon SNS topic whenever a status check fail occurs

عرض الإجابة

اجابة صحيحة: B

السؤال #4

A company hosts its staging website using an Amazon EC2 instance backed with Amazon EBS storage. The company wants to recover quickly with minimal data losses in the event of network connectivity issues or power failures on the EC2 instance. Which solution will meet these requirements?

A. Add the instance to an EC2 Auto Scaling group with the minimum, maximum, and desired capacity set to 1

B. Add the instance to an EC2 Auto Scaling group with a lifecycle hook to detach the EBS volume when the EC2 instance shuts down or terminates

C. Create an Amazon CloudWatch alarm for the StatusCheckFailed System metric and select the EC2 action to recover the instance

D. Create an Amazon CloudWatch alarm for the StatusCheckFailed Instance metric and select the EC2 action to reboot the instance

عرض الإجابة

اجابة صحيحة: A

السؤال #5

A company is implementing AWS CodePipeline to automate its testing process. The company wants to be notified when the execution state fails and used the following custom event pattern in Amazon EventBridge:Which type of events will match this event pattern?

A. Failed deploy and build actions across all the pipelines

B. All rejected or failed approval actions across all the pipelines

C. All the events across all pipelines

D. Approval actions across all the pipelines

عرض الإجابة

اجابة صحيحة: B

السؤال #6

A DevOps engineer is working on a data archival project that requires the migration of on-premises data to an Amazon S3 bucket. The DevOps engineer develops a script that incrementally archives on-premises data that is older than 1 month to Amazon S3. Data that is transferred to Amazon S3 is deleted from the on- premises location The script uses the S3 PutObject operation. During a code review the DevOps engineer notices that the script does not verity whether the data was successfully copied to Amazon S3.

A. Check the returned response for the Versioned Compare the returned Versioned against the MD5 checksum

B. Include the MD5 checksum within the Content-MD5 paramete

C. Check the operation call's return status to find out if an error was returned

D. Include the checksum digest within the tagging parameter as a URL query parameter

E. Check the returned response for the ETa

F. Compare the returned ETag against the MD5 checksum

عرض الإجابة

اجابة صحيحة: A

السؤال #7

A company is storing 100 GB of log data in csv format in an Amazon S3 bucket SQL developers want to query this data and generate graphs to visualize it. The SQL developers also need an efficient automated way to store metadata from the csv file. Which combination of steps will meet these requirements with the LEAST amount of effort? (Select THREE.)

A. Fitter the data through AWS X-Ray to visualize the data

B. Filter the data through Amazon QuickSight to visualize the data

C. Query the data with Amazon Athena

D. Query the data with Amazon Redshift

E. Use the AWS Glue Data Catalog as the persistent metadata store

F. Use Amazon DynamoDB as the persistent metadata store

عرض الإجابة

اجابة صحيحة: ADE

السؤال #8

A company is testing a web application that runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The company uses a blue green deployment process with immutable instances when deploying new software. During testing users are being automatically logged out of the application at random times. Testers also report that when a new version of the application is deployed all users are logged out. The development team needs

A. Enable smart sessions on the load balancer and modify the application to check tor an existing session

B. Enable session sharing on the toad balancer and modify the application to read from the session store

C. Store user session information in an Amazon S3 bucket and modify the application to read session information from the bucket

D. Modify the application to store user session information in an Amazon ElastiCache cluster

عرض الإجابة

اجابة صحيحة: D

السؤال #9

A company manages a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The EC2 instances run in an Auto Scaling group across multiple Availability Zones. The application uses an Amazon RDS for MySQL DB instance to store the data. The company has configured Amazon Route 53 with an alias record that points to the ALB.A new company guideline requires a geographically isolated disaster recovery (DR) site with an RTO of 4 hours and an RPO of 15 minutes.Which DR strategy

A. Launch a replica environment of everything except Amazon RDS in a different Availability Zone

B. Launch a replica environment of everything except Amazon RDS in a different AWS Region

C. Launch a replica environment of everything except Amazon RDS in a different AWS Region

D. Launch a replica environment of everything except Amazon RDS in a different AWS Region

عرض الإجابة

اجابة صحيحة: D

السؤال #10

An application running on a set of Amazon EC2 instances in an Auto Scaling group requires a configuration file to operate. The instances are created and maintained with AWS CloudFormation. A DevOps engineer wants the instances to have the latest configuration file when launched, and wants changes to the configuration file to be reflected on all the instances with a minimal delay when the CloudFormation template is updated. Company policy requires that application configuration files be maintained along with

A. In the CloudFormation template, add an AWS Config rule

B. In the CloudFormation template, add an EC2 launch template resource

C. In the CloudFormation template, add an EC2 launch template resource

D. In the CloudFormation template, add CloudFormation init metadata

عرض الإجابة

اجابة صحيحة: B

السؤال #11

An ecommerce company uses a large number of Amazon Elastic Block Store (Amazon EBS) backed Amazon EC2 instances. To decrease manual work across all the instances, a DevOps engineer is tasked with automating restart actions when EC2 instance retirement events are scheduled. How can this be accomplished? https://aws.amazon.com/blogs/mt/automate-remediation-actions-for-amazon-ec2-notifications-and-beyond-using-ec2-systems-manager-automation-and-aws-health/

A. reate a scheduled Amazon EventBridge rule to run an AWS Systems Manager Automation runbook that checks if any EC2 instances are scheduled for retirement once a week If the instance is scheduled for retirement the runbook will hibernate the instance

B. nable EC2Auto Recovery on all of the instances

C. eboot all EC2 instances during an approved maintenance window that is outside of standard business hours Set up Amazon CloudWatch alarms to send a notification in case any instance is failing EC2 instance status checks

D. et up an AWS Health Amazon EventBridge rule to run AWS Systems Manager Automation runbooks that stop and start the EC2 instance when a retirement scheduled event occurs

عرض الإجابة

اجابة صحيحة: D

السؤال #12

A company's application runs on Amazon EC2 instances. The application writes to a log file that records the username, date, time: and source IP address of the login. The log is published to a log group in Amazon CloudWatch Logs The company is performing a root cause analysis for an event that occurred on the previous day The company needs to know the number of logins for a specific user from the past 7 days Which solution will provide this information'? To analyze and find the number of logins for a specifi

A. reate a CloudWatch Logs metric filter on the log group Use a filter pattern that matches the username

B. reate a CloudWatch Logs subscription on the log group Use a filter pattern that matches the username Publish a CloudWatch metric that sums the number of logins over the past 7 days

C. reate a CloudWatch Logs Insights query that uses an aggregation function to count the number of logins for the username over the past 7 days

D. reate a CloudWatch dashboard

عرض الإجابة

اجابة صحيحة: C

السؤال #13

A company deploys its corporate infrastructure on AWS across multiple AWS Regions and Availability Zones. The infrastructure is deployed on Amazon EC2 instances and connects with AWS loT Greengrass devices. The company deploys additional resources on on-premises servers that are located in the corporate headquarters. The company wants to reduce the overhead involved in maintaining and updating its resources. The company's DevOps team plans to use AWS Systems Manager to implement automated management and app

A. Apply tags lo all the EC2 instance

B. AWS loT Greengrass devices, and on-premises server

C. Use Systems Manager Session Manager to push patches to all the tagged devices

D. Use Systems Manager Run Command to schedule patching for the EC2 instances AWS loT Greengrass devices and on-premises servers

E. Use Systems Manager Patch Manager to schedule patching loT the EC2 instances AWS loT Greengrass devices and on-premises servers as a Systems Manager maintenance window task

F. Configure Amazon EventBridge to monitor Systems Manager Patch Manager for updates to patch baseline G

عرض الإجابة

اجابة صحيحة: D

السؤال #14

A rapidly growing company wants to scale for developer demand for AWS development environments. Development environments are created manually in the AWS Management Console. The networking team uses AWS CloudFormation to manage the networking infrastructure, exporting stack output values for the Amazon VPC and all subnets. The development environments have common standards, such as Application Load Balancers, Amazon EC2 Auto Scaling groups, security groups, and Amazon DynamoDB tables.To keep up with demand,

A. Use Fn::ImportValue intrinsic functions in the Resources section of the template to retrieve Virtual Private Cloud (VPC) and subnet values

B. Use nested stacks to define common infrastructure components

C. Use nested stacks to define common infrastructure components

D. Use Fn::ImportValue intrinsic functions in the Parameters section of the root template to retrieve Virtual Private Cloud (VPC) and subnet values

عرض الإجابة

اجابة صحيحة: C

السؤال #15

A DevOps engineer is implementing governance controls for a company that requires its infrastructure to be housed within the United States. The engineer must restrict which AWS Regions can be used, and ensure an alert is sent as soon as possible if any activity outside the governance policy takes place. The controls should be automatically enabled on any new Region outside the United States (US). Which combination of actions will meet these requirements? (Select TWO.) To implement governance controls that r

A. reate an AWS Organizations SCP that denies access to all non-global services in non-US Regions

B. onfigure AWS CloudTrail to send logs to Amazon CloudWatch Logs and enable it for all Regions

C. se an AWS Lambda function that checks for AWS service activity and deploy it to all Regions

D. se an AWS Lambda function to query Amazon Inspector to look for service activity in non-US Regions and send alerts if any activity is found

E. rite an SCP using the aws: RequestedRegion condition key limiting access to US Regions

عرض الإجابة

اجابة صحيحة: AB

السؤال #16

A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts.The buildspec.yml file contains the following:The DevOps engineer has noticed that anybody with an AWS account is able to download the artifacts.What steps should the DevOps engineer take to stop this?

A. Modify the post_build command to use --acl public-read and configure a bucket policy that grants read access to the relevant AWS accounts only

B. Configure a default ACL for the S3 bucket that defines the set of authenticated users as the relevant AWS accounts only and grants read-only access

C. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal *

D. Modify the post_build command to remove --acl authenticated-read and configure a bucket policy that allows read access to the relevant AWS accounts only

عرض الإجابة

اجابة صحيحة: D

السؤال #17

A company runs a web application that extends across multiple Availability Zones. The company uses an Application Load Balancer (ALB) for routing. AWS Fargate (or the application and Amazon Aurora for the application data The company uses AWS CloudFormation templates to deploy the application The company stores all Docker images in an Amazon Elastic Container Registry (Amazon ECR) repository in the same AWS account and AWS Region. A DevOps engineer needs to establish a disaster recovery (DR) process in anot

A. opy the CloudFormation templates and the Dockerfile to an Amazon S3 bucket in the DR Region Use AWS Backup to configure automated Aurora cross-Region hourly snapshots In case of DR, build the most recent Docker image and upload the Docker image to an ECR repository in the DR Region Use the CloudFormation template that has the most recent Aurora snapshot and the Docker image from the ECR repository to launch a new CloudFormation stack in the DR Region Update the application DNS records to point to the new ALB

B. opy the CloudFormation templates to an Amazon S3 bucket in the DR Region Configure Aurora automated backup Cross-Region Replication Configure ECR Cross-Region Replication

C. opy the CloudFormation templates to an Amazon S3 bucket in the DR Region

D. opy the CloudFormation templates to an Amazon S3 bucket in the DR Region

عرض الإجابة

اجابة صحيحة: B

السؤال #18

A company is examining its disaster recovery capability and wants the ability to switch over its daily operations to a secondary AWS Region. The company uses AWS CodeCommit as a source control tool in the primary Region. A DevOps engineer must provide the capability for the company to develop code in the secondary Region. If the company needs to use the secondary Region, developers can add an additional remote URL to their local Git configuration. Which solution will meet these requirements? The best soluti

A. reate a CodeCommit repository in the secondary Region

B. reate an Amazon S3 bucket in the secondary Region

C. reate an AWS CodeArtifact repository in the secondary Region

D. reate an AWS Cloud9 environment and a CodeCommit repository in the secondary Region

عرض الإجابة

اجابة صحيحة: A

السؤال #19

A company has many applications. Different teams in the company developed the applications by using multiple languages and frameworks. The applications run on premises and on different servers with different operating systems. Each team has its own release protocol and process. The company wants to reduce the complexity of the release and maintenance of these applications. The company is migrating its technology stacks, including these applications, to AWS. The company wants centralized control of source co

A. Create one AWS CodeCommit repository for all application

B. Put each application's code in a different branc

C. Merge the branches, and use AWS CodeBuild to build the application

D. Use AWS CodeDeploy to deploy the applications to one centralized application server

E. Create one AWS CodeCommit repository for each of the application

F. Use AWS CodeBuild to build the applications one at a tim G

عرض الإجابة

اجابة صحيحة: D

السؤال #20

A company has developed a serverless web application that is hosted on AWS. The application consists of Amazon S3. Amazon API Gateway, several AWS Lambda functions, and an Amazon RDS for MySQL database. The company is using AWS CodeCommit to store the source code. The source code is a combination of AWS Serverless Application Model (AWS SAM) templates and Python code.A security audit and penetration test reveal that user names and passwords for authentication to the database are hardcoded within CodeCommit

A. Enable Amazon CodeGuru Profiler

B. Associate the CodeCommit repository with Amazon CodeGuru Reviewer

C. Enable Amazon CodeGuru Profiler

D. Associate the CodeCommit repository with Amazon CodeGuru Reviewer

عرض الإجابة

اجابة صحيحة: B-

السؤال #21

A DevOps engineer needs to configure a blue green deployment for an existing three-tier application. The application runs on Amazon EC2 instances and uses an Amazon RDS database The EC2 instances run behind an Application Load Balancer (ALB) and are in an Auto Scaling group. The DevOps engineer has created a launch template and an Auto Scaling group for the blue environment. The DevOps engineer also has created a launch template and an Auto Scaling group for the green environment. Each Auto Scaling group de

A. Start a rolling restart to the Auto Scaling group tor the green environment to deploy the new software on the green environment's EC2 instances When the rolling restart is complete, use an AWS CLI command to update the ALB to send traffic to the green environment's target group

B. Use an AWS CLI command to update the ALB to send traffic to the green environment's target group

C. Update the launch template to deploy the green environment's software on the blue environment's EC2 instances Keep the target groups and Auto Scaling groups unchanged in both environments Perform a rolling restart of the blue environment's EC2 instances

D. Start a rolling restart of the Auto Scaling group for the green environment to deploy the new software on the green environment's EC2 instances When the rolling restart is complete, update the Route 53 DNS to point to the green environments endpoint on the ALB

عرض الإجابة

اجابة صحيحة: ABE

السؤال #22

A global company manages multiple AWS accounts by using AWS Control Tower. The company hosts internal applications and public applications.Each application team in the company has its own AWS account for application hosting. The accounts are consolidated in an organization in AWS Organizations. One of the AWS Control Tower member accounts serves as a centralized DevOps account with CI/CD pipelines that application teams use to deploy applications to their respective target AWS accounts. An IAM role for depl

A. Configure the application accounts deployment IAM role to have a trust relationship with the centralized DevOps account

B. Configure the centralized DevOps accounts deployment IAM role to have a trust relationship with the application account

C. Configure the centralized DevOps accounts deployment IAM role to have a trust relationship with the application account

D. Configure the application accounts deployment IAM role to have a trust relationship with the AWS Control Tower management account

عرض الإجابة

اجابة صحيحة: B

السؤال #23

A company manages an application that stores logs in Amazon CloudWatch Logs. The company wants to archive the logs to an Amazon S3 bucket. Logs are rarely accessed after 90 days and must be retained for 10 years.Which combination of steps should a DevOps engineer take to meet these requirements? (Choose two.)

A. Configure a CloudWatch Logs subscription filter to use AWS Glue to transfer all logs to an S3 bucket

B. Configure a CloudWatch Logs subscription filter to use Amazon Kinesis Data Firehose to stream all logs to an S3 bucket

C. Configure a CloudWatch Logs subscription filter to stream all logs to an S3 bucket

D. Configure the S3 bucket lifecycle policy to transition logs to S3 Glacier after 90 days and to expire logs after 3

E. Configure the S3 bucket lifecycle policy to transition logs to Reduced Redundancy after 90 days and to expire logs after 3

عرض الإجابة

اجابة صحيحة: BD

لا تريد أن تفوت شيئا؟

اجتياز اختبار الممارسة Cisco وPMP وCISA وCISM وAWS بنسبة 100% للبيع!
احصل الان

عرض الإجابات بعد التقديم

لا تريد أن تفوت شيئا؟

اجتياز اختبار الممارسة Cisco وPMP وCISA وCISM وAWS بنسبة 100% للبيع! احصل الان

عرض الإجابات بعد التقديم

اجتياز اختبار الممارسة Cisco وPMP وCISA وCISM وAWS بنسبة 100% للبيع!
احصل الان